Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
systemd and denyhosts - ssh.log
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
musv
Advocate
Advocate


Joined: 01 Dec 2002
Posts: 3333
Location: de

PostPosted: Tue May 21, 2013 10:54 pm    Post subject: systemd and denyhosts - ssh.log Reply with quote

Hi there.

After switching to systemd denyhosts stopped working. The reason:
/etc/denyhosts.conf:
SECURE_LOG = /var/log/messages


systemd doesn't fill that file anymore. And denyhosts uses the log file to put the attacking servers into /etc/hosts.deny. The systemd logs are binary trash in /var/log/journal/$strangeID/system.journal.

Is there a chance to get systemd and denyhosts working together? How do the other distributions handle that?
Back to top
View user's profile Send private message
ulenrich
Veteran
Veteran


Joined: 10 Oct 2010
Posts: 1480

PostPosted: Wed May 22, 2013 12:09 am    Post subject: Reply with quote

You can use any of the usual old syslog software to get the old log files available.
Perhaps you could even direct journald to directly put some text files there ...
Back to top
View user's profile Send private message
musv
Advocate
Advocate


Joined: 01 Dec 2002
Posts: 3333
Location: de

PostPosted: Wed May 22, 2013 9:34 am    Post subject: Reply with quote

ulenrich wrote:
You can use any of the usual old syslog software to get the old log files available.

Yes, I found some "solutions", where I can start syslog-ng and connect it to the systemd-journal socket. But that's not my goal. I don't want to have 2 log daemons running.

ulenrich wrote:
Perhaps you could even direct journald to directly put some text files there ...

That's the idea. Only the approach to realize that is missing.
Back to top
View user's profile Send private message
ulenrich
Veteran
Veteran


Joined: 10 Oct 2010
Posts: 1480

PostPosted: Wed May 22, 2013 10:36 am    Post subject: Reply with quote

Quote:
ulenrich wrote:
Perhaps you could even direct journald to directly put some text files there ...

That's the idea. Only the approach to realize that is missing.

Well, as an old user you should intuitively know the place to look at:
/etc/systemd/journald.conf

"man journald.conf" says:
SEE ALSO systemd-journald.service journalctl systemd.journal-fields

If you want specials with systemd there are many man pages ...
(Only if you just want to run the usual there is no need to read anything)

Or, if you pretty well know the traditional tools, why not "Storage=volatile"
and syslog-ng ?
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum